474172261 / DataProtector
A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.
☆27Updated 6 years ago
Alternatives and similar repositories for DataProtector:
Users that are interested in DataProtector are comparing it to the libraries listed below
- ☆33Updated 4 years ago
- ☆28Updated 4 years ago
- Open Source Libraries Collection☆24Updated 9 years ago
- copy of tdifw lib☆10Updated 7 years ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- Static Library For Windows Drivers☆33Updated 2 months ago
- HTTP/HTTPS/DNS inspector (windows driver)☆26Updated 6 years ago
- use crystalCPUID to identify vt-x & amd-v☆16Updated 10 years ago
- Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…☆21Updated 11 years ago
- A tool to investigate the Windows device manager☆14Updated 6 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆34Updated 5 years ago
- Notes my learning steps about Windows-NT☆23Updated 7 years ago
- windows kernel File redirection☆20Updated 10 years ago
- network filter driver that control network send speed, based on windows tdi framework.☆31Updated last year
- ☆12Updated 7 years ago
- Wow64 syscall hook☆40Updated 7 years ago
- Final Transparent encrypted version☆14Updated 8 years ago
- Remote memory library in C++17.☆31Updated 6 years ago
- Locked home page for Internet Explorer.☆20Updated 11 years ago
- Shareds for kernel developement☆28Updated 11 years ago
- Windows Kernel Driver - Create a driver device in TDI layer of windows kernel to capture network data packets☆37Updated 10 years ago
- Windows Minifilter driver that redirects any I/O Request of mp3 files to a target file☆17Updated 9 years ago
- User-mode program parsing logs created by HyperPlatform☆18Updated 8 years ago
- a network filter using NDIS hook technique☆19Updated 12 years ago
- XDK is a fully featured C++ wrapper library for Windows kernel development☆20Updated 9 years ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.☆23Updated 8 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 10 years ago
- enable libemu run pe file and add some good modify☆14Updated 6 years ago
- ☆12Updated 7 years ago